This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/l7vqUvWixzOjuTmLQCIi933QyGA.roa
File:                     l7vqUvWixzOjuTmLQCIi933QyGA.roa (raw, json)
Hash identifier:          iy85og1HuYFQwwMzqjzuGU0OFL39IrPrhL+Uovv9RPw=
Subject key identifier:   97:BB:EA:52:F5:A2:C7:33:A3:B9:39:8B:40:22:22:F7:7D:D0:C8:60
Certificate issuer:       /CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Certificate serial:       019B7758E7EC9D50F90D376397B7879070D0
Authority key identifier: B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/l7vqUvWixzOjuTmLQCIi933QyGA.roa
Signing time:             Thu 01 Jan 2026 02:17:53 +0000
ROA not before:           Thu 01 Jan 2026 02:17:53 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     58329
IP address blocks:        45.155.249.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 21 Jan 2026 14:02:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:77:58:e7:ec:9d:50:f9:0d:37:63:97:b7:87:90:70:d0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
        Validity
            Not Before: Jan  1 02:17:53 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=97bbea52f5a2c733a3b9398b402222f77dd0c860
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:7f:b0:67:0c:69:32:d6:8e:e6:85:b8:5b:84:
                    a7:6a:2f:a9:22:a3:df:36:22:91:ca:a6:c7:75:8a:
                    82:46:2f:70:e2:04:90:f5:ba:50:0c:dd:34:ee:e9:
                    84:10:b8:4b:3b:1c:cd:ea:aa:8a:5d:14:b9:84:4d:
                    00:09:6b:f1:2b:1b:4b:55:cd:98:06:0c:6b:ea:47:
                    f2:d1:39:fd:a2:87:3c:79:6b:4b:d8:05:ec:da:d8:
                    14:3c:11:0e:8a:8f:23:cf:76:8d:a1:1b:17:2a:06:
                    89:41:6a:41:ec:33:08:4c:6d:f7:f1:df:c4:c8:1a:
                    f1:aa:40:c1:14:80:4a:cd:ff:b9:f7:c2:87:d3:98:
                    cf:33:9f:ae:45:69:63:ea:e2:57:c1:7b:7b:15:d0:
                    bf:81:be:6e:4b:6b:5f:38:74:eb:fc:88:b2:04:8c:
                    c0:8d:4c:3e:5e:f8:78:5b:5d:cb:3f:5c:a6:fb:59:
                    71:84:ce:c6:cb:26:3b:38:81:b4:2e:1e:91:bf:85:
                    4b:1c:58:0f:6b:a6:6c:49:44:6b:c5:b2:b9:04:8c:
                    0d:b6:2c:48:e2:91:f9:81:9f:ea:b9:d2:a8:5d:f4:
                    5e:92:4a:dc:1f:ff:7e:a6:d9:b3:53:3f:cc:d5:5f:
                    25:84:06:e2:6a:47:7d:2c:7a:ff:c0:b0:83:34:3e:
                    8f:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:BB:EA:52:F5:A2:C7:33:A3:B9:39:8B:40:22:22:F7:7D:D0:C8:60
            X509v3 Authority Key Identifier:
                keyid:B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/l7vqUvWixzOjuTmLQCIi933QyGA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.155.249.0/24

    Signature Algorithm: sha256WithRSAEncryption
         59:6e:e1:08:33:df:a8:25:c9:d2:9b:98:fd:95:3a:45:bc:c0:
         58:ba:42:4e:d4:ca:18:91:88:9d:a2:0c:0d:56:81:f9:f6:93:
         c3:34:c1:36:e4:b9:ca:59:23:ab:a6:75:5e:80:4c:a1:42:dd:
         83:9a:ab:3b:6f:d2:6c:ae:d5:2e:5b:2f:43:e7:83:4f:65:83:
         8d:ff:cf:da:e4:67:a1:c1:44:44:e7:22:2b:25:7a:aa:a0:75:
         8c:9d:a7:45:e9:cf:be:2d:e7:be:fc:57:ef:8d:be:7d:b3:13:
         ea:75:19:5b:3e:d3:11:28:b9:77:94:6c:4d:e6:bf:72:62:da:
         46:4d:f4:39:6a:58:b2:be:ca:5d:c8:9e:19:e2:1c:3c:48:0a:
         e3:24:0e:3d:ee:8e:b8:f9:d5:a5:56:2f:c4:d0:92:9a:88:95:
         b6:b5:a2:68:7c:b9:e9:ec:e7:13:62:a8:d4:fe:f8:68:e2:83:
         82:05:69:74:c9:80:cd:e6:90:cf:83:0d:0c:3d:d0:98:69:79:
         72:49:db:36:53:cf:79:80:a7:6e:38:30:f1:c7:d2:85:32:d4:
         e2:73:f7:08:99:97:69:0c:f2:99:b0:4a:f5:35:d3:56:88:b1:
         4b:26:9d:dc:06:dd:2f:fd:b5:ca:d4:35:6b:3d:2f:3b:29:80:
         dd:33:89:29
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt3WOfsnVD5DTdjl7eHkHDQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MjUzYzRmMjMzY2U5ODQ3Njk5YWU2OGVjYmY1ZDc1MTRi
MGZhZGIwHhcNMjYwMTAxMDIxNzUzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2JiZWE1MmY1YTJjNzMzYTNiOTM5OGI0MDIyMjJmNzdkZDBjODYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm3+wZwxpMtaO5oW4W4Snai+pIqPf
NiKRyqbHdYqCRi9w4gSQ9bpQDN007umEELhLOxzN6qqKXRS5hE0ACWvxKxtLVc2Y
Bgxr6kfy0Tn9ooc8eWtL2AXs2tgUPBEOio8jz3aNoRsXKgaJQWpB7DMITG338d/E
yBrxqkDBFIBKzf+598KH05jPM5+uRWlj6uJXwXt7FdC/gb5uS2tfOHTr/IiyBIzA
jUw+Xvh4W13LP1ym+1lxhM7GyyY7OIG0Lh6Rv4VLHFgPa6ZsSURrxbK5BIwNtixI
4pH5gZ/qudKoXfRekkrcH/9+ptmzUz/M1V8lhAbiakd9LHr/wLCDND6P7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJe76lL1osczo7k5i0AiIvd90MhgMB8GA1UdIwQY
MBaAFLQlPE8jPOmEdpmuaOy/XXUUsPrbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMt
NThiMzhmNWFjODBiLzEvbDd2cVV2V2l4ek9qdVRtTFFDSWk5MzNReUdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMtNThiMzhmNWFjODBi
LzEvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZv5MA0G
CSqGSIb3DQEBCwUAA4IBAQBZbuEIM9+oJcnSm5j9lTpFvMBYukJO1MoYkYidogwN
VoH59pPDNME25LnKWSOrpnVegEyhQt2Dmqs7b9JsrtUuWy9D54NPZYON/8/a5Geh
wURE5yIrJXqqoHWMnadF6c++Lee+/Ffvjb59sxPqdRlbPtMRKLl3lGxN5r9yYtpG
TfQ5aliyvspdyJ4Z4hw8SArjJA497o64+dWlVi/E0JKaiJW2taJofLnp7OcTYqjU
/vho4oOCBWl0yYDN5pDPgw0MPdCYaXlySds2U895gKduODDxx9KFMtTic/cImZdp
DPKZsEr1NdNWiLFLJp3cBt0v/bXK1DVrPS87KYDdM4kp
-----END CERTIFICATE-----